Monday, July 27, 2009

There are several classifications of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced.

1. Packet Filtering Firewall : A packet filtering firewall examines the information contained in the header of a packet that is attempting to pass through the proverbial 'drawbridge into the castle'. It works at the network level of the OSI model, the best known and most widely used model for describing networking environments. This type of firewall only examines the header information, so if data with malicious intent is sent from a trusted source, it offers no protection. When a packet passes the filtering process, it is passed on to the destination address. If the packet does not pass, it is simply dropped.

2. Stateful Packet Inspection : Stateful packet inspection firewalls filter packets at the network level and also recognize and process application-level data, but since they don't employ proxies, they deliver reasonably good performance in spite of the deep packet analysis. On the downside, they are not cheap, and they can be difficult to configure and administer.

3. Application Level Proxy : The slowest and most unwieldy firewall is the application level proxy. This type of firewall works at the application level of the protocol stack, which enables it to perform with more intelligence than a packet filtering or circuit gateway firewall. Application level proxies determine whether a connection to a specific requested application, such as Internet access or email, is permitted. This allows the user to determine what applications their computers will be used for. Also known as proxy servers, they not only screen packets and determine what applications are permitted to be accessed but also offer protection from outside sources by hiding internal computers from external viewing.

4. Circuit Gateways : Circuit gateway firewalls work on the transport level of the protocol stack. They are fast and transparent, but really provide no protection from attacks. Circuit gateway firewalls also do not check the data in the packet. The one great benefit to this type of firewall is that they make the LAN behind the firewall invisible, as everything coming from within the firewall appears to have originated from the firewall itself. This is the least used type of firewall.

5. Network-Level Firewalls : The first generation of firewalls (c. 1988) worked at the network level by inspecting packet headers and filtering traffic based on the IP address of the source and the destination, the port and the service. Network-level firewalls are fast, but they do not support sophisticated rule-based models. They don't understand languages like HTML and XML, and they are incapable of decoding SSL-encrypted packets to examine their content. As a result, they can't validate user inputs or detect maliciously modified parameters in a URL request. This leaves your network vulnerable to a number of serious threats.

6. Internet Connection Firewall : Windows XP provides Internet security in the form of the new Internet Connection Firewall (ICF). ICF makes use of active packet filtering, which means the ports on the firewall are opened for as long as needed to enable you to access the services you are interested in.
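The contrast between items 1 and 6 can be shown in a few lines of Python. This is an added example, not code from the original post or from any firewall product: the addresses, the rule set, the LAN prefix and the names `packet_filter` and `ActiveFilter` are constructed for illustration. It shows a header-only filter passing hostile content from a trusted source, and an active filter that lets an inbound packet through only while a flow opened from the inside exists.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""

# Constructed values: one trusted source/port rule and an assumed LAN prefix.
RULES = {("203.0.113.10", 80)}
INSIDE = "192.168.0."

def packet_filter(pkt: Packet) -> bool:
    """Item 1: the decision uses header fields only; the payload is never read."""
    return (pkt.src, pkt.dport) in RULES

class ActiveFilter:
    """Item 6: an inbound port is open only while an inside host has a matching flow."""
    def __init__(self):
        self.flows = set()  # (inside ip, inside port, outside ip, outside port)
    def check(self, pkt: Packet) -> bool:
        if pkt.src.startswith(INSIDE):  # outbound: remember the flow
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: pass only if it mirrors a flow opened from the inside.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

    def close(self, pkt: Packet) -> None:  # connection ended: forget the flow
        self.flows.discard((pkt.src, pkt.sport, pkt.dst, pkt.dport))

def demo() -> dict:
    out = {}
    bad = Packet("203.0.113.10", 40000, "192.168.0.5", 80, b"constructed hostile content")
    out["trusted_source_bad_payload"] = packet_filter(bad)
    out["unknown_source"] = packet_filter(Packet("198.51.100.7", 40000, "192.168.0.5", 80))
    fw = ActiveFilter()
    request = Packet("192.168.0.5", 50000, "198.51.100.7", 443)
    reply = Packet("198.51.100.7", 443, "192.168.0.5", 50000)
    out["unsolicited_inbound"] = fw.check(reply)
    out["outbound"] = fw.check(request)
    out["reply_while_open"] = fw.check(reply)
    fw.close(request)
    out["reply_after_close"] = fw.check(reply)
    return out

if __name__ == "__main__":
    print(demo())
```

The same reply packet is dropped before the inside host connects, passed while the flow is open, and dropped again once the flow is closed.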